If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

MAC spoofing and packet sniffing?

If I use a packet sniffer to watch my network (its how I found that trojan on my other box yesterday) it listens on my ip, meaning I can see whats going on on my laptops connections, but id like to check my other two boxes.

Just putting the packet sniff on my other two boxes would be the easy option but for some reason the sniffer works with the pcmcia card but not the usb ones :s Also because im just lazy...

So as a wonder.. If I could spoof my ip and/or mac as the same as my router, could I watch the connections to my other machines aswell? Or even if I could spoof the same ip/mac as the boxes one at a time?

Ethereal works perfectly well on a wireless network assuming WinPCap can use the wireless card which it usually seems to.

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Windows does everything by itself but I keep ending up with problems like the one I had there, and spending more time on linux will help me learn

Errrr.... Wrong..... It will help you learn a different OS...

Windows does do everything by itself.... But you do have a remarkable amount of control _if_ you want to have it and want to learn how.....

What's the difference?

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Just remember that to secure your network, you have to know exactly how each OS you're using is communicating so that you can either turn it off, secure it, or watch it for intrusion:

MS Windows out of the box for example, may have NetBios, NetBEUI, IPX/SPX, and IP all listening to the network and sending out packets that anounce their presence. IP is the most likely candidate for intrusion.

For UNIX, IP is the lifeblood of UNIX-like OSs, available and intricately tied to almost
every function of the OS.
Rather than disabling networking, you'll more likely want to trim any unnecessary services and secure the system as well as you can.

Pay attention to the networking protocols in use by the Box's OSs and other networking devices you install. You'll want to disable any protocols you don't need and set up the proper monitoring and detection systems for the protocols you leave running.